systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill includes a bash script
find-polluter.shand various CLI examples (e.g.,npm test,security list-keychains). These are standard diagnostic tools for software development and debugging. The script executesnpm teston files discovered via a user-defined pattern, which is intended behavior for a developer-centric utility. - [DATA_EXFILTRATION] (SAFE): No network-based exfiltration patterns or hardcoded credentials were found. Examples provided for environment variable checking (e.g.,
${IDENTITY:+SET}) are designed to verify existence without exposing actual secret values. - [PROMPT_INJECTION] (SAFE): The skill contains internal behavioral constraints ("The Iron Law") to prevent the agent from rushing to fixes, but these do not attempt to override system-level safety protocols or jailbreak the model.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns involving the download and execution of external scripts (e.g.,
curl | bash). All code components are local and transparent.
Audit Metadata